Hey Kurt (and all) - Thanks - that's just what I was afraid I was going to have to do. I'll set up a change management period for it now... Sigh...:) Thanks!
- Sean ---- Sean Hennessey Networking and Information Security Systems Administrator The University of Portland -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[EMAIL PROTECTED] On Behalf Of Kurt Huenemann Sent: Wednesday, July 09, 2008 1:31 PM To: [email protected] Subject: Re: Cert Question Sean, These are the instructions from Cisco TAC that worked for us last time we renewed our certs. Maybe something here will help you? ==================== 1) From CAM web console, manage the CAS, go to the Certs section and export the current private key, then the certificate. Save this somewhere safe. 2) During a maintenance window, generate a new temporary certificate for the CAS using the UI. Please make sure that you fill all the fields correctly. Once the new certificate is generated, export the new private key and a CSR (certificate signing request). 3) During the same maintenance window, import back the old private key, and certificate, verify and upload the cert and restart the CAS (service perfigo restart or reboot whichever is easier). 4) Send the CSR obtained in step#2 for signing. Once you receive the signed cert back, perform step #3 except with the new private key and the newly received signed cert. And restart the CAS. ======================= Kurt
